Security Engineer

Department: Operations

Office: Remote Locations

The Security Engineer is responsible for handling all digital security. Duties include building digital security protocols, operating a cyber security system and maintaining an IT security infrastructure for our organization.

In this position, you will develop, execute and track the performance of security measures to protect information and network infrastructure and computer systems. You will be expected to Identify, define and document system security requirements and recommend solutions to management. You will also help educate and train staff on information system security best practices.

Major Duties and Responsibilities

  • Security Engineering                                                                                                                                             
  • Perform infrastructure security design.
  • Perform cloud security design.
  • Perform vulnerability assessments.
  • Harden systems for cyber resilience.
  • Install and maintain security products.
  • Monitor systems events, logfiles, and alerts.
  • Evaluate new security products and solutions.
  • Oversee enterprise patch management and vulnerability remediation.

Architecture and Design                                                                                                                                        

  • Perform product security design.
  • Perform infrastructure security design.
  • Design data storage, manipulation, and retrieval strategies.
  • Define standards, procedures, and policies.
  • Provide design and oversight into identity and access management (IAM)
  • Perform research on emerging cyber security issues.

Leadership: Cyber Planning                                                                                                                                  

  • Provide strategic guidance, oversight and leadership to cyber planning.
  • Define cyber strategy and road maps.
  • Perform cyber maturity, solutions, and capability gap assessments.
  • Define company wide security policies and procedures.
  • Create and deliver security awareness training.
  • Define roles and responsibilities (RACI matrix)
  • Manage services evaluations and implementations.
  • Provide strategic guidance, oversight, and leadership to cybersecurity budgets.
  • Oversee inner department and business security integration and collaboration.

Security Operations                                                                                                                                              

  • Install and maintain security products.
  • Monitor system events, logfiles, and alerts
  • Analyze network security alerts and events.
  • Create and maintain network access (firewall) rulesets and policies.
  • Harden systems for cyber resilience.
  • Create and maintain systems configuration baselines.
  • Assist the helpdesk.
  • Research new threats, attack techniques and methods.
  • Design and/or develop automated data center process and procedures.
  • Conduct security lifecycle and business impact assessments.
  • Participate in business continuity and disaster planning.

AppSec                                                                                                                                                                     

  • Perform application security testing.
  • Access web, mobile, and/or embedded applications.
  • Provide remediation guidance and oversight.
  • Integrate security into the software development lifecycle (SDLC)
  • Provide security oversight and design guidance to the DevOps process.
  • Provide remediation and oversight to discovered vulnerabilities.
  • Evaluate encryption strengths and implementations.
  • Develop metrics to measure the application security program. 

Education and Training Guidelines

  • Bachelor of Science in Computer Science or a related field.
  • Five or more years’ work experience as a System Security Engineer or related position.
  • Proven experience developing, operating and maintaining security systems.
  • Extensive knowledge of operating system and database security.
  • Proficiency in networking technologies, network security and network monitoring solutions.
  • Knowledge of security systems including anti-virus applications, content filtering, firewalls, authentication systems and intrusion detection and notification systems.
  • In-depth knowledge of security protocols and principles.
  • Critical thinking skills and ability to solve complex problems.
Amur Equipment Finance is an equal opportunity employers. This application will not be used for limiting or excluding any applicant from consideration for employment on a basis prohibited by local, state, or federal law. Should an applicant need reasonable accommodation in the application process, he or she should contact hr@amuref.com.

Job Application

Please submit a cover letter and resume.

Files must be less than 100 MB.
Allowed file types: pdf doc docx.
Files must be less than 100 MB.
Allowed file types: pdf doc docx.